Download the kernel patches from the main site:
ftp://ftp.ox.compsoc.org.uk/pub/users/steve/ipsubs/subs-patch-1.1.gz
or the backup site (normally much faster to the US):
http://www.monmouth.demon.co.uk/ipsubs/subs-patch-1.1.gz
Also download the configuration tool (I could have adapted ipfwadm but
there already enough versions of this tool so it would have further
confused the problem) from:
ftp://ftp.ox.compsoc.org.uk/pub/users/steve/ipsubs/ipsubs.c
or the backup site (normally much faster to the US):
http://www.monmouth.demon.co.uk/ipsubs/ipsubs.c
Patch the kernel and recompile:
cd /usr/src/linux zcat subs-patch-1.1.gz | patch -p1
Compile the configuration utility:
gcc ipsubs.c -o ipsubs chmod a+x ipsubs
Before attempting to setup Port forwarding, set up and use IP Masquerading. Until its enabled with ipsubs, Port forwarding will not affect IP Masquerading in any way.
To configure redirection of a local port (local refers to the machine
running the masquerading), you need to use ipsubs. It's options can be
described as:
ipsubs -h
Usage: ipsubs -A {-t port | -u port} -R a.a.a.a/port add entry
ipsubs -D {-t port | -u port} delete entry
ipsubs -C clear table
There will shortly be another option "-L" to list the table but until this
is implemented, you can type:cat /proc/net/ip_subs
You need an example? ok.
/sbin/ipfwadm -I -f /sbin/ipfwadm -O -f /sbin/ipfwadm -F -f /sbin/ipfwadm -F -p deny /sbin/ipfwadm -F -a masquerade -S 10.0.0.0/8 -D 0.0.0.0/0 /usr/local/sbin/ipsubs -C /usr/local/sbin/ipsubs -A -t80 -R 10.0.0.2/80 # WWW /usr/local/sbin/ipsubs -A -u525 -R 10.0.0.2/525 # timed cat /proc/net/ip_subs Local Port Remote Addr/Port UDP 525: 10.0.0.2/525 TCP 80: 10.0.1.2/80